Security Response

Have you discovered a web security flaw that might impact one of our products? Here’s how you can report it.

Last updated: April 30, 2024

Security response

We appreciate your concern

Keeping customer data safe and secure is a huge responsibility and a top priority. We work hard to protect our customers from the latest threats. Your input and feedback on our security is always appreciated.

Reporting security problems

Report security vulnerabilities via email to our Security team and we will respond within 72 hours.

For other urgent or sensitive reports, please email our Security team. We’ll respond as soon as we can.

For requests that aren’t urgent or sensitive: submit a support request.

Tracking and disclosing security issues

Once you have submitted a report, the following steps will be followed:

  • We’ll acknowledge your report.
  • We’ll triage your report and determine whether it’s eligible for a bounty.
  • We’ll investigate the issue and determine how it impacts our products. We won’t disclose issues until they’ve been fully investigated and patched, but we’ll work with you to ensure we fully understand severity and impact.
  • Once the issue is resolved, we’ll post a security update along with thanks and credit for the discovery.